CVSS: 9.3EPSS: 94%CPEs: 18EXPL: 1CVE-2011-2950 – RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2950
Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file. Desbordamiento de buffer basado en memoria dinámica (heap) en qcpfformat.dll en RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, y RealPlayer SP v1.0 a v1.1.5 permite a atacantes remotos ejecutar código de su elección mediante un archivo QCP debidamente modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within qcpfformat.dll, which is responsible for parsing QCP media files. The process creates a static 256 byte allocation on the heap and trusts a user-supplied counter from the file within a memory copy loop. • https://www.exploit-db.com/exploits/17849 http://securityreason.com/securityalert/8388 http://service.real.com/realplayer/security/08162011_player/en http://www.securityfocus.com/bid/49172 http://www.securitytracker.com/id?1025943 http://zerodayinitiative.com/advisories/ZDI-11-265 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 23%CPEs: 19EXPL: 0CVE-2011-2951 – RealNetworks RealPlayer Advanced Audio Coding Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2951
Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file. Un desbordamiento de búfer en RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a v14.0.5, RealPlayer SP v1.0 a v1.1.5 y Mac RealPlayer v12.0.0.1569 permite a atacantes remotos ejecutar código de su elección a través de un campo raw_data_frame debidamente modificado en un archivo AAC. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the application using a size defined in a header in order to allocate some number of bytes. When processing an AAC raw_data_frame, the application will use the product of the original length and a field inside one of its elements. • http://service.real.com/realplayer/security/08162011_player/en http://www.securitytracker.com/id?1025943 http://zerodayinitiative.com/advisories/ZDI-11-266 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 18EXPL: 0CVE-2011-2947 – RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2947
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document. Una vulnerabilidad de secuencias de comandos en zonas cruzadas en el control ActiveX de RealPlayer en RealNetworks RealPlayer v11.0 a v11.1 y v14.0.0 a 14.0.5, y RealPlayer SP v1.0 a v1.1.5, permite a atacantes remotos inyectar secuencias de comandos web o HTML en la zona local a través de un documento en formato HTML almacenado localmente. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the fact that RealPlayer allows users to run local HTML files with scripting enabled without any warning. The RealPlayer ActiveX control can be scripted from a web browser to load local HTML files. • http://service.real.com/realplayer/security/08162011_player/en http://www.securitytracker.com/id?1025943 http://zerodayinitiative.com/advisories/ZDI-11-269 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.7EPSS: 40%CPEs: 15EXPL: 0CVE-2011-1426 – RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1426
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to execute arbitrary code via a .rnx filename corresponding to a crafted RNX file. El método OpenURLInDefaultBrowser en RealNetworks RealPlayer v11.0 hasta v11.1 y v14.0.0 hasta v14.0.2, y RealPlayer SP v1.0 hasta v1.1.5, inicia un controlador por defecto para un archivo específico en el primer argumento, lo que permite a atacantes remotos ejecutar código de su elección a través de un archivo .rnx correspondiente a un archivo manipulado RNX. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlayer exposes a method called OpenURLInDefaultBrowser() that can be accessed through RealPlayer's internal browser. When this method is called, it will open and execute the first parameter based on the operating system's default handler for the filetype. • http://securitytracker.com/id?1025351 http://service.real.com/realplayer/security/04122011_player/en http://www.securityfocus.com/archive/1/517470/100/0/threaded http://www.securityfocus.com/bid/47335 http://www.vupen.com/english/advisories/2011/0979 http://zerodayinitiative.com/advisories/ZDI-11-122 https://exchange.xforce.ibmcloud.com/vulnerabilities/66728 •
CVSS: 9.3EPSS: 39%CPEs: 24EXPL: 4CVE-2011-1525 – RealPlayer 14.0.1.633 - Heap Overflow
https://notcve.org/view.php?id=CVE-2011-1525
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file. Desbordamiento de búfer en la región heap de la memoria en la biblioteca rvrender.dll en RealPlayer versiones 11.0 hasta 11.1 y versiones 14.0.0 hasta 14.0.2, y RealPlayer SP versiones 1.0 hasta 1.1.5, de RealNetworks, permite a atacantes remotos ejecutar código arbitrario por medio de una trama especialmente diseñada en un archivo de Internet Video Recording ( IVR). • https://www.exploit-db.com/exploits/17019 http://aluigi.org/adv/real_5-adv.txt http://osvdb.org/71260 http://secunia.com/advisories/43847 http://securityreason.com/securityalert/8181 http://service.real.com/realplayer/security/04122011_player/en http://www.exploit-db.com/exploits/17019 http://www.securityfocus.com/archive/1/517083/100/0/threaded http://www.securityfocus.com/bid/46946 http://www.securitytracker.com/id?1025245 https://exchange.xforce.ibmcloud.com/vulnerabili • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •